[Twisted-Python] Twisted+M2Crypto patch

James Y Knight foom at fuhm.net
Wed Aug 11 17:40:00 EDT 2004


On Aug 11, 2004, at 3:49 PM, Heikki Toivonen wrote:
> I've been working on integrating M2Crypto to Twisted. M2Crypto is a 
> Python wrapper for OpenSSL.

IMO, this patch is messy and should not be accepted. It makes the 
twisted SSL implementation even more baroque than it already is by 
interleaving m2crypto and pyopenssl support code together into one big 
blob of insanity.

A switch to an alternative SSL implementation is only worthwhile if it 
lets us get *rid* of all the SSL turds all over the generic tcp code. 
SSL should be implementable as just another protocol. I believe that it 
is currently the fault of PyOpenSSL not exposing the right OpenSSL APIs 
for feeding data to it manually that Twisted's SSL is implemented the 
way it is.

With a good SSL library API, the Twisted SSL implementation can be done 
without any of the sorts of crazy hacks we currently have. See also 
<http://trevp.net/tlslite/>, a pure python SSL impl which I believe 
someone plugged into twisted in this fashion. I have not looked at it 
myself, however.

Someone ought to figure out how to clean up the twisted API to use 
TLSLite or M2Crypto or an improved PyOpenSSL, or all of the above, and 
get rid of all the ugly code we currently have. (well -- of course some 
of it will likely have to stay for backwards compatibility).

James





More information about the Twisted-Python mailing list